Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.

{% load url from future %}
{% if stories %}
<h2>Current News Stories</h2>
{% for story in stories %}
   {% include 'news/story_summary.html' %}
{% endfor %}
<hr />
<p>For more news stories, check out our <a href="{% url 'news-index_page' %}">news archive</a>.</p>
{% endif %}